W3C home > Mailing lists > Public > public-webid@w3.org > September 2012

Re: [dane] Call for Adoption: "Using Secure DNS to Associate Certificates with Domain Names For S/MIME"

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Tue, 25 Sep 2012 08:59:50 -0400
Message-ID: <5061AAC6.5010209@openlinksw.com>
To: Henry Story <henry.story@bblfish.net>
CC: Warren Kumari <warren@kumari.net>, "public-webid@w3.org" <public-webid@w3.org>, IETF DANE WG list <dane@ietf.org>
On 9/25/12 8:26 AM, Henry Story wrote:
>>> http://bblfish.net/
>>> >>
>>> >>
>>> >>
>>> >>
>> >
>> >Henry,
>> >
>> >S/MIME and WebID work together very well. That's something we've long implemented. Notice the certificate used to sign this mail:-)
>> >
>> >To conclude, WebID is another option with finer granularity and more distributed control (no DNS admin access privileges required, just own a profile document) re., mail sender identity verification.
> It may be interesting to know from the DANE working group, what they think would need to be done to make the application of WebID to S/MIME something more widely known about.

Yes, that's a good point. In WebID lies a more fined-grained and 
distributed approach to identity verification that fits naturally into 
today's Internet and Web networks.

> Currently the WebID spec (http://webid.info/spec  ) illustrates how one can use a WebID in a client certificate to authenticate with TLS on any server. Perhaps the WebID working group should put some documents forward on how this can be used for S/MIME?

Maybe.
> Or perhaps an RFC would be more useful for that?

I think so.
> I don't think we have any formal document on that yet.

At this juncture, as part of S/MIME implementation in our clients and 
servers, we have the option to verify identity using the WebID protocol 
. On our side, this remains one of the most powerful demonstrations of 
WebID utility.

-- 

Regards,

Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen







Received on Tuesday, 25 September 2012 13:01:50 UTC

This archive was generated by hypermail 2.3.1 : Sunday, 31 March 2013 14:40:59 UTC